General

  • Target

    33715abdf13302b4e38bb97539f308e5

  • Size

    336KB

  • Sample

    231231-m35ywabdf5

  • MD5

    33715abdf13302b4e38bb97539f308e5

  • SHA1

    af83d7c029a4cc0c0f79d3220adaae2e5809b538

  • SHA256

    0a4bcb6ccfe422af9e0a55d8accdc0fe03c74a4816d184a9a0574ebebf92dd8a

  • SHA512

    4ef0830570358a96e5f0b3b40ece3c25f43f79090508c744d31b412832c34f905363c02c2efcc8b4ed4bb81dd56e4829a657a894cddf4201aacda8fb8a639cd8

  • SSDEEP

    6144:Asbr6x5a9mpN3argo9oHQqVPJZC/Ake3AmmiP0nWrZ:AsP39mpNvo9owqBz4e3AmRP0Wr

Malware Config

Extracted

Family

zloader

Botnet

googleaktualizacija

Campaign

googleaktualizacija2

C2


Attributes

  • build_id

    156

  • rc4.plain

  • rsa_pubkey.plain

Targets

    • Zloader, Terdot, DELoader, ZeusSphinx

      Zloader is a malware strain that was initially discovered back in August 2015.

MITRE ATT&CK Matrix (ATT&CK v13)

Discovery

  • Query Registry (T1012): 1

  • System Information Discovery (T1082): 1

Tasks